4/29/08

It sounds like the Westell does port-based NAT (PNAT). You are actually performing PNAT twice. Since when you only have the ADSL router, you can video chat anywhere, I suspect you can't PNAT the connections twice. (This is the case with IPsec.)

With and without UPnP selected in the router, the result was almost the same as it has been. The connection with test-user rjinwipc just sat there saying, "Waiting for a response from rjinwipc." A connection attempt to ichatavtesting resuled in ""Failed to start video chat because: Frederick M. Avolio did not respond." I could get to appleu3test0, no problem.

These are some recent comments from an Apple discussion thread on the subject of iChat video with AIM. Let me just point out, they summarize my experiences.

"but my basic conclusion based on what I have seen is that there are issues with video chat between AIM 5.9 and iChat AV, and there isn't much i can do about it for now"

"I can no longer in good conscience recommend iChat AV to AIM 5.9 for cross platform video conferencing as there are just too many issues"

If any of you try to connect to test—and that would be fine if I am around, please do e-mail if it failed. Or send an IM text note. I don't want anyone to think I hung up on him!. (30 minutes ago someone connected for a video-chat. I accepted, we connected, I saw his smiling face, and BAM! Gone. I didn't get his name and am not sure what when wrong.)

Things have changed little in the world of network security support from 2001. (Yes, that is not a "typo"—little.) I still think many of us are transitioned from "network support person" to "security guru" fairly quickly. Sometimes, we seek this ourselves, wanting something more "interesting to do." And sometimes we seek glory and honor. At the end of the day, people will still hate you. What people? It depends. Whoever is trying to do something "vital to the mission," and who forgot to talk to you about security until the last minute. This list can include software product developers, sales executives, program managers, product managers, network engineers, etc. But, you did ask for it, now didn't you?

Before I get to updating my old column, a warning: you, dear reader, want to hear new, exciting, interesting, and jazzy things to learn. And, indeed, there is some of that. But, I fear you will be disappointed that I will point to some old books and papers and old things to learn. Take heart. If this was a theology course, we would still look at old texts. As Paul Simon reminds us, in his song "Old," "God is old." (I lost some of you by mentioning Paul Simon, right? "Avolio is old," you thought.) Let me put it another way: If you study and use calculus or Boolean algebra, you don't only look at breakthroughs in those disciplines from the past few years. So, you'll have to trust me. You'll want to jump to the new and jazzy. You will do yourself a great favor by studying some old things, as well as new. You'd do it in physics or mathematics. You should also do so here.

One more warning: if your employer will send you to "CISSP school," in which you get trained to pass the CISSP exam, take them up on it. But, you will still need to do more. I know CISSPs who, by definition, passed the exam, but also clearly have no practical knowledge or experience.

First Steps.

As I said a few years back, "first off, you will have to exert some effort. You'll have to work. My idea is to give you work you can do in a reasonable amount of time, while still employed. ... You need to do some basic reading. Not all at once, and not in every area. Some excellent books and papers will provide a good start. I am only going to point to a few of these, because you are supposed to be able to do this without taking six months off."

You'll need to learn terminology around security, but that will come as you peruse the Internet, making use of Google and Wikipedia. Start with learning the technology in your current area of responsibility.

For security basics, let's start with WatchGuard, and not just because they asked me to do this. Their education page is easy to navigate and has information for Jedi masters as well as the padawan learner. Bookmark their "Network Security Glossary." Spend some time reading their White Papers. (They are free with a registration. They will not spam you. Scott promises.) Most of what they have--papers, podcasts, and videos--are 99% unbiased with 1% advertising. (Scott has to eat, too, you know.) Their "IT Managers' Security Resources" are for anyone wanting to come learn more about network and computer security, not just for IT folks and certainly not just for managers. These provide practical advice for securing the corporate network from user to servers, along with an occasional technical "deep dive" piece. As you move towards Master from Learner, you will want to try your skills in "The Dustin Barnes Mystery Series," also found on their web page. Check out their instructional videos (fun but no fluff, I promise), and, of course, subscribe to their Radio Free Security podcasts. (You might find their case studies of interest, but these do seem to have the look and feel of marketing communication glossies.)

Next stop, Techtarget's SearchSecurity site. They also have excellent whitepapers and reports. Their main page is a "security portal" of sorts, gathering infosec news as well as security papers grouped topically. (Most of these papers are produced or sponsored by vendors and require registering.) While there, you should also subscribe to some of their RSS newsfeeds, such as Security Wire Daily News (or Weekly) and Network Security Tactics. Also, there, you can subscribe to Information Security Magazine. You can also read some of the articles in the latest issue here.

Next steps.

In addition to the "portals" mentioned above, we can drill down a bit into these particular areas.

Malware This includes antivirus and spyware. Really, there aren't many books to recommend to come up to speed on Spyware. For antivirus I recommend Hacking Exposed 5th Edition (Hacking Exposed), though it covers a great deal more than that. Otherwise, peruse the malware topic area in the Searchsecurity papers (with the warning of vendor sponsorship I previously made). Actually, I'd go to WatchGuard's education area and watch the "Malware Analysis Video: Drive-by Downloads"

Ongoing

How in the world will you keep up to date on changing technologies and events while still keeping your job (and maybe even having a life)? The answer is "automate." Sign up to an RSS news service (mentioned earlier). Spend a half hour of each day checking news items and bulletins.

Start poking around NIST's Computer Security Division's Computer Security Resource Center. There are some useful papers and guidelines here. There are also things that look surprisingly like they were written by someone getting paid by the word. (They were not. But, one of the mottos of big government agencies seems to be, "Never say in 10 words what you can say in 100.") Their "Guide to NIST Information Security Documents" is 36 pages.

There are security-related magazines to read, and my favorites both have electronic and print versions:

Are We There Yet?

In this column, I briefly suggested and pointed to resources to help you move from beginner, towards "expert." This has not been exhaustive; undoubtedly, I have left out some excellent resources. Treat these suggestions as a starting point. Most of these resources will lead to others. With some reading and some trying this and sampling that, you will start down a path that can, eventually, lead you from novice to expert.